/
go-test.sh
96 lines (85 loc) · 2.55 KB
/
go-test.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/bin/sh
args=("$@")
v_flag=''
f_flag=''
p_flag=''
while getopts 'fpv:' flag; do
case "${flag}" in
f)
file=${OPTARG}
f_flag='true'
;;
v)
package=${OPTARG}
v_flag='true'
;;
p)
package=${OPTARG}
p_flag='true'
;;
*) exit 1
;;
esac
done
coveroutput="cover.out"
tmpfile="tmp.out"
function run_vul_check() {
package=${args[1]}
go install golang.org/x/vuln/cmd/govulncheck@latest
scan_result=`govulncheck -json ./... | jq -r '.vulnerability | {cves: .osv.aliases, id: .osv.id, details: .osv.details, packages: .modules, url: .osv.database_specific.url}' | jq --sort-keys | jq -s .| jq '.[] | with_entries( select( .value != null and . !={} )) | del(..|select(. == {}))| select( . != null)' | jq -s .`
echo "$scan_result"
vul_count=`echo $scan_result | jq length`
echo "$vul_count found in go package: $package"
}
function run_unit_tests() {
file=${args[2]}
package=${args[1]}
test_coversummary=`go test -v -cover ./... | grep -E -A15 --text "(^\-\-\-\-|Fail|Pass).*"`
test_cover_result=`echo "$test_coversummary" | grep --text "^--- "| cut -d " " -f2| sed "s/://g"`
#check if the test cases are passing before getting the coverage
if [[ $test_cover_result == "FAIL" ]];then
echo -e "$test_coversummary"
exit 1
fi
go_test_coverout=`go test ./$package -coverprofile=$coveroutput`
go tool cover -func=$coveroutput > $tmpfile
unlink $coveroutput
coveragesum=0
filecounter=0
if [[ $file != "" ]]; then
while read line; do
regex=".*"$file+"\.go.*"
if [[ $line =~ $regex ]]; then
echo $line
coverage=`echo "$line" | awk '{print $3}' | sed -E "s/\..*%//g"`
filecounter=$((filecounter + 1))
coveragesum=$((coveragesum + coverage))
fi
done < $tmpfile;
unlink $tmpfile
if [[ $coveragesum != 0 ]];then
echo ""
echo "Coverage for $file.go: $(( $coveragesum / $filecounter))%"
else
echo "No coverage found for the $file.go"
fi
else
go_test_coverout=`go test ./$package -coverprofile=$coveroutput`
go tool cover -func=$coveroutput
unlink $coveroutput
fi
test_result=`echo $go_test_coverout | cut -d ":" -f2 | cut -d " " -f2 | awk '{printf("%d\n",$0+=$0<0?0:0.9)}'`
# If coverage is below 65 then fail the build
if [[ $test_result -lt 65 ]]; then
exit 1
fi
}
if [[ $f_flag == 'true' ]]; then
run_unit_tests $package $file
fi
if [[ $v_flag == 'true' ]]; then
run_vul_check $package
fi
if [[ $p_flag == 'true' ]]; then
run_unit_tests $package
fi